ReportizFlow
Filtered by vendor Cellopoint
Subscriptions
Filtered by product Cellos
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-17386 | 1 Cellopoint | 1 Cellos | 2025-05-08 | 6.5 Medium |
| Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. With cookie of an authenticated user, attackers can temper with the URL parameter and access arbitrary file on system. | ||||
| CVE-2020-17385 | 1 Cellopoint | 1 Cellos | 2025-05-08 | 7.5 High |
| Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system. | ||||
| CVE-2020-17384 | 1 Cellopoint | 1 Cellos | 2025-05-08 | 7.2 High |
| Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. With the cookie of the system administrator, attackers can inject and remotely execute arbitrary command to manipulate the system. | ||||
Page 1 of 1.